* release:
build: bump version
CHANGELOG: add entries for #1142 and #1131
Temporarily work around SSHJ compatibility issues (#1142)
all: refactor ActivityResultContracts usages to adhere to API requirements
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Using ECDSA either as a key exchange or a host key algorithm fails with
SSHJ 0.30.0 on Android, but should again become possible in 0.31.0.
While we wait for the release, demote ECDSA in the list of key
algorithms (as it should still be available for public key auth) and
remove it from the list of key exchange algorithms.
(cherry picked from commit 0d2788ab54)
The newest versions of AndroidX Activity and Fragments correctly enforce the
requirement for all contracts to be registered at class init or before
the lifecycle has reached `Lifecycle.State.STARTED`. To comply with these requirements,
move all instances of `registerForActivityResult` being called at arbitrary points
in the code to be done at class init.
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
(cherry picked from commit cf03c55478)
Using ECDSA either as a key exchange or a host key algorithm fails with
SSHJ 0.30.0 on Android, but should again become possible in 0.31.0.
While we wait for the release, demote ECDSA in the list of key
algorithms (as it should still be available for public key auth) and
remove it from the list of key exchange algorithms.
If Autofill shows a warning about an app whose publisher changed and the
user decides to trust the app and clear previous matches, they should
immediately be given the option to select a new match.
Previously, as AutofillPublisherChangedActivity did not return a
result, the old FillResponse with just a warning would be reused. We
now pass a useful response with no matches on to the activity, which
returns it after the user has chosen to reset the publisher info.
The newest versions of AndroidX Activity and Fragments correctly enforce the
requirement for all contracts to be registered at class init or before
the lifecycle has reached `Lifecycle.State.STARTED`. To comply with these requirements,
move all instances of `registerForActivityResult` being called at arbitrary points
in the code to be done at class init.
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* BaseGitActivity: unwrap root cause for InvalidRemoteException as well
JGit's InvalidRemoteException, like TransportException, swallows more
useful errors as is clear from this (redacted) snippet.
```
D org.eclipse.jgit.api.errors.InvalidRemoteException: Invalid remote: origin
D at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:26)
D at org.eclipse.jgit.api.PullCommand.call(PullCommand.java:41)
D at com.zeapo.pwdstore.git.GitCommandExecutor$execute$2$result$1.invokeSuspend(GitCommandExecutor.kt:2)
D at kotlin.coroutines.jvm.internal.BaseContinuationImpl.resumeWith(ContinuationImpl.kt:3)
D at kotlinx.coroutines.DispatchedTask.run(DispatchedTask.kt:15)
D at kotlinx.coroutines.scheduling.CoroutineScheduler.runSafely(CoroutineScheduler.kt:1)
D at kotlinx.coroutines.scheduling.CoroutineScheduler$Worker.run(CoroutineScheduler.kt:13)
D Caused by: org.eclipse.jgit.errors.NoRemoteRepositoryException: ssh://msfjarvis@[fe80::dead:beef]:22/pass-repo: fatal: '/pass-repo'
does not appear to be a git repository
D at org.eclipse.jgit.transport.TransportGitSsh.cleanNotFound(TransportGitSsh.java:14)
D at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:20)
D at org.eclipse.jgit.transport.TransportGitSsh.openFetch(TransportGitSsh.java:1)
D at org.eclipse.jgit.transport.FetchProcess.executeImp(FetchProcess.java:1)
D at org.eclipse.jgit.transport.Transport.fetch(Transport.java:20)
D at org.eclipse.jgit.api.FetchCommand.call(FetchCommand.java:18)
```
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Add changelog entry
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Ensure we're creating dialogs on the main thread
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Remove unused operation type
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Refactor launchGitOperation to use an enum
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* OnboardingActivity: fix directory change option
Add an else clause to cover the case when storage permission is granted already
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* all: rename permission grant method
The new name is a bit more explicit about its purpose
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* UserPreference: add static method for external directory selection intent
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* DecryptActivity: properly calculate remaining OTP time on first pass
We default to 30 seconds for each recalculation but the first run might not have 30 seconds left in its period, making the value stale much earlier. While most websites offer another 30 seconds of validity for TOTP codes, many do not, thus making it hard to enter a correct OTP
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Update changelog
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Double check Git server protocol
Ensure that the Git server protocol is not at odds with the URL scheme.
Also move the Protocol switches below the URL to make it clear that the
URL should be entered first.
* Remove protocol selection from server config
The protocol is now extracted from the URL, and the authentication mode selection is validated by GitSettings
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Don't use pref values for auth modes
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Apply suggestions from code review
Remove now unused protocol mismatch result type
Co-authored-by: Fabian Henneke <FabianHenneke@users.noreply.github.com>
* Simplify migration logic and fix tests
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Revert "Simplify migration logic and fix tests"
This reverts commit 1c4c4ba5fbc212843cb6b74dd29ac858eaea7582.
* Detect URLs with null scheme as ssh
* Add changelog entry
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: Harsh Shandilya <msfjarvis@gmail.com>
* release:
build: bump version
Add changelog entry for HTTPS authentication
Return HTTPS URI username from CredentialsProvider (#1049)
Prevent racing double commits on password creation (#1047)
Prepare release 1.11.2
Let the PasswordFinderCredentialsProvider support Username as a
CredentialItem type and return the user part of the repository URI when
it is requested.
(cherry picked from commit 679037b81d)
Let the PasswordFinderCredentialsProvider support Username as a
CredentialItem type and return the user part of the repository URI when
it is requested.
* Update sshj to 0.30.0 and improve algorithm order
Updates sshj to 0.30.0, which brings support for rsa-sha2-* key types
and bugfixes related to RSA certificates and Android Keystore backed
keys.
Along the way, this improves the algorithm preferences to be consistent
with the Mozilla Intermediate SSH configuration (as far as possible,
given that most certificate types and some encryption algorithms are
not yet supported).
We also add "ext-info-c" to the kex algorithm proposal to work around
certain kinds of "user agent sniffing" that limits the support of
rsa-sha2-* key types.
* Add SSHJ backend for OpenKeychain authentication
* Address review comments
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* Update sshj to 0.30.0 and improve algorithm order
Updates sshj to 0.30.0, which brings support for rsa-sha2-* key types
and bugfixes related to RSA certificates and Android Keystore backed
keys.
Along the way, this improves the algorithm preferences to be consistent
with the Mozilla Intermediate SSH configuration (as far as possible,
given that most certificate types and some encryption algorithms are
not yet supported).
We also add "ext-info-c" to the kex algorithm proposal to work around
certain kinds of "user agent sniffing" that limits the support of
rsa-sha2-* key types.
* Preserve SSH key passphrase on connection errors
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Updates sshj to 0.30.0, which brings support for rsa-sha2-* key types
and bugfixes related to RSA certificates and Android Keystore backed
keys.
Along the way, this improves the algorithm preferences to be consistent
with the Mozilla Intermediate SSH configuration (as far as possible,
given that most certificate types and some encryption algorithms are
not yet supported).
We also add "ext-info-c" to the kex algorithm proposal to work around
certain kinds of "user agent sniffing" that limits the support of
rsa-sha2-* key types.
* - XkPasswordGeneratorDialogFragment: add symbol/number mask to allow appending numbers+symbols via a mask such as `ddds` which would generate random.password123!; position of `d` and `s` is not currently considered; only the count is relevant
* - update CHANGELOG.md
* - update CHANGELOG.md
* - rename constants
* Update CHANGELOG.md
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* - add missing marginTop
* - add missing marginTop
Co-authored-by: null <null>
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: glowinthedark <glowinthedark>
Co-authored-by: Harsh Shandilya <msfjarvis@gmail.com>
* build: update to Kotlin 1.4
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* UserPreference: finish if directory selection was triggered from an intent
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* PasswordStore: switch permission request to ActivityResultContracts
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* PasswordStore: fix activity reference
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* GitOperationActivity: make invalid values more obvious
Would have caught this issue much sooner if I had just done this
Fixes: 3d8cea5966 ("Improve permission handling logic (#732)")
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Assorted collection of hackery to make external storage use palatable
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Update changelog
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Add symlink support to JGit (#1016)
* Add symlink support to JGit
* Fix a typo
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* Prevent crash when following a broken symlink
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* Make Git config URL-based and refactor
* Use Kotlin style null handling for string prefs
* Also show an error if generated URL can't be parsed
* Add some testcases for migration strategy
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
Co-authored-by: Harsh Shandilya <me@msfjarvis.dev>
* Refactor uses of applicationContext and startActivityForResult
This commit applies three types of refactoring:
1. Remove context argument from PasswordRepository companion functions
by relying on Application.instance.
2. Introduce a sharedPrefs extension function on Context that returns
the default SharedPreferences for the applicationContext.
3. Use OpenDocument() and OpenDocumentTree() contracts.
* Drop toPasswordItem argument
min and max were deprecated in favor of minOrNull and maxOrNull respectively to match their names to the typical
naming format used by stdlib methods with nullable return types
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
SMS OTP Autofill currently crashes for two reasons:
1. Tasks.await has a precondition of not running on the UI thread.
2. Exceptions thrown from Tasks are always wrapped into
ExecutionExceptions and need to be unwrapped before they can be
identified as ResolvableApiException.
This commit addresses both issues by making waitForSms a proper
coroutine using withContext and a custom wrapper around Task<T> that
relies on suspendCoroutine and automatically unwraps exceptions.
(cherry picked from commit 3afeff45d8)
SMS OTP Autofill currently crashes for two reasons:
1. Tasks.await has a precondition of not running on the UI thread.
2. Exceptions thrown from Tasks are always wrapped into
ExecutionExceptions and need to be unwrapped before they can be
identified as ResolvableApiException.
This commit addresses both issues by making waitForSms a proper
coroutine using withContext and a custom wrapper around Task<T> that
relies on suspendCoroutine and automatically unwraps exceptions.